Start Site Page 245

Integration or extinction: the new rules of technology for marketing

Chris Koehler
-
0
Integration or extinction: the new rules of technology for marketing

There are only three things certain in life: death, taxes, and that marketing professionals will change their technology tools, the so-called martechs. When the researchMartech Replacement 2024It arrived at my desk; this change became extremely clear. From marketing automation tools to CRM, ESP (and beyond), the insatiable thirst of marketing professionals for change remains unwavering.

But what is interesting are the factors that drive these changes. Low adoption, contract renewals, consolidation of new tools, new leadership, and many other reasons are catalysts that drive this constant state of flux in technology tools.

In 2024, the main factor driving the change in martech was, unsurprisingly, cost, the most visible part of any martech investment — and one that is often scrutinized closely by CFOs. It is not surprising that the latest researchGartner CMO Spend, from Gartner, shows martech spending at its lowest level in 10 years.

But it was the second factor driving martech replacement – integration/open API capabilities – that caught my attention.

Consolidation and fragmentation, simultaneously

Thanks to the explosion of martech apps in the last decade, much has been done to anticipate an inevitable transition towards the consolidation of technology tools. The premise is that the fewer applications in your technology infrastructure, the cheaper and better it will be to manage.

While the proliferation of tools is real, and some consolidation is certainly happening, the data tells us that companies are usingmore software than ever, using specialized tools and applications to meet specific and critical business needs. Observe the technology tools of most modern companies and you will see main platforms supporting a Jenga tower of interconnected tools, not a single, universal platform.

The reportState of MartechIn 2024, a similar pattern was found. Although they have essential platforms (such as CRM, CEPs, CDPs, or data warehouses), about 82% of the surveyed organizations also reported using alternative products and applications.

It is precisely in this context that integration/opening becomes so important. To be honest, if a provider does not integrate their data well with other tools, marketing professionals will find a different tool that does.

A wolf in sheep's clothing

The big martech suites have, of course, noticed this growing demand for interoperability and have created seemingly robust application ecosystems that allow you to use a variety of different tools in combination with their core platform.

But beware, buyer: these integrations are not free.

These large software packages built their dominance by acquiring and merging smaller, independent technology companies. As a result, these enterprise software packages encompass various applications, each operating on different data models that lack internal compatibility, let alone integration features with third-party systems.

This means that while it is technically possible to integrate third-party point solutions with them, they are so complex and clunky — with virtually no documentation — that most end up paying a premium for service providers to consult and build integrations on their behalf.

Looking forward to 2025

Given the importance marketers have placed on integration capabilities in 2024, this veneer of interoperability is unlikely to be enough.

With the increase in APIs and the growing demand for composable technology tools, the bar for martech providers has never been higher. They need to ensure compatibility between different tools and registration systems, ensure that data flows accurately between tools in real time, provide user-friendly interfaces for teams to leverage their API, and offer the best documentation and tools in the category to support them in building their technology stack.

If this seems like a difficult task, it shows how marketing, data, analytics, and digital teams are maturing within organizations. With this maturity come greater skills and experience in technology, and a desire to go beyond ready-to-use functionality.

It is important to embrace platforms designed to be used with other systems, rather than lock you in. We believe that brands should have the flexibility to choose the best channel solutions for themselves, and marketing, data, and development teams should not have to spend months creating manual point integrations to get their data from these platforms.

In 2025 and beyond, I see a future that is much more integrated than before.

Eitri promises to transform the e-commerce market with innovative technologies

E-Commerce Update
-
0
Eitri promises to transform the e-commerce market with innovative technologies

Eitri, a SaaS (Software as a Service) company founded in 2024, aims to simplify app creation. Focusing on economy and quality, the company is transforming digital commerce by enabling Brazilian e-commerce businesses to develop mobile solutions with three times more productivity and one-third of the cost. Among its clients are prominent retailers such as C&A and Toymania. The company has already reached over R$ 90 million in Gross Merchandise Value (GMV).

Their co-founders, Guilherme Martins, Daniel Zupo, and João Machado, have extensive experience in the technology universe for digital commerce. The professionals worked for years in e-commerce companies such as Americanas, Submarino, and Shoptime. Together, they thought of an innovative alternative that differentiates itself from its competitors by allowing the app development to be done in a simpler, scalable, flexible, agile, secure, modular, and customized way.

The growing interest in mobile e-commerce solutions and the need for accelerated digitalization during and after the pandemic created many opportunities. The expectation is that the revenue in 2025 will be R$ 4 million.

The company transforms the development of e-commerce applications into a more agile, efficient, and accessible process. Using languages like Javascript and Typescript, the solution allows a single codebase to be used for iOS and Android platforms, eliminating the need for parallel projects. With the help of a proprietary design system, interfaces are created quickly, and the compilation occurs in the cloud, ensuring frictionless and accessible development from any device. For those who need backend integration, the serverless structure is a practical option. Furthermore, the deployment is immediate, without going through the traditional app store approval process, giving teams autonomy to manage the entire app lifecycle with independence and agility. In practical terms, Eitri provides the platform, while the client implements and customizes the application based on predefined verticals or starting from scratch.

Automatic Pix will bring efficiency and low cost to recurring payments

E-Commerce Update
-
0
Automatic Pix will bring efficiency and low cost to recurring payments

Business owners and financial managers no longer need to be tied to expensive payment methods to manage recurring charges. The new Pix modalities — such as Automatic Pix, which is expected to be officially launched in June 2025 — already offer more modern tools than credit cards, boleto, or automatic debit. To prepare the market for this innovation, Aarin launched afree e-bookwhich shows the main benefits and guides companies on how to implement the tool.

The material also highlights the reduction of operational costs, the simplification of billing management and the flexibility to serve different segments, such as gyms, schools, marketplaces and subscription services.

Recent data attest to the strength that Pix has gained in society. According to the Central Bank, Pix alreadyrespondsfor 35% of financial transactions in Brazil, surpassing transfers via TED and DOC. The volume traded in 2023 exceeded R$ 14 trillion. The new Pix Automatic mode has the potential to further increase this impact, democratizing access to recurring payments and boosting businesses of all sizes.

“A large part of the BC’s agenda for the coming years is focused on this complement of Pix products and services, such as Pix Garantido, Pix Internacional and Pix Automático. It offers advantages that go beyond reduced costs, transforming the management of recurring payments and ensuring greater efficiency, predictability and reach,” highlights an excerpt from the publication.

With practical examples and clear guidance, the e-book also highlights the simple implementation of Automatic Pix, which eliminates the need for intermediaries or bureaucratic processes common to other payment methods, as well as the regulatory aspect.    

“Automatic Pix is not just an innovation, it is a game changer. It transforms the way companies operate in this digital and dynamic world, bringing lower costs, accessibility for everyone and a lot of convenience for customers. Those who work with recurring payments will find it an essential competitive advantage”, highlights Ticiana Amorim, founder and CEO of Aarin.

Service
Link para download: https://aarin.com.br/pix-automatico/

PagBank simplifies and streamlines INSS payroll loans with the launch of a new digital journey in the bank's app

E-Commerce Update
-
0
PagBank simplifies and streamlines INSS payroll loans with the launch of a new digital journey in the bank's app

THEBanking developed a new way for INSS retirees and pensioners to take out payroll loans through the PagBank app. The feature unifies different operations such as new margin, refinancing, and portability into a single digital journey, simplifying the process and speeding up the hiring.

The novidade is aimed at retirees, pensioners, and INSS beneficiaries, who can now simulate, adjust conditions, and contract credit directly through the app, quickly and easily – see below for the step-by-step process. The customer can also track all the steps directly through the app and, after approval and depending on the operation, the amount will be released into the PagBank account within 1 to 7 business days.

"We are pioneers in the market to offer this functionality, where we unify different types of INSS payroll loans into a simple and intuitive journey. This not only makes service faster and more efficient but also expands business opportunities and strengthens our relationship with customers by providing a complete solution directly within the PagBank app," comments Claudio Limão, Director of Cards and Loans at PagBank.

"Being a type of loan where installments are directly deducted from the retiree or pensioner's benefit and with a low interest rate, it is a highly attractive option for retirees, pensioners, and INSS beneficiaries who need extra funds at the beginning of the year, when bills and expenses tend to be higher," concludes the executive.

Step by step guide to hiring INSS loans on the PagBank app 

  1. Access the PagBank application with your username and password;
  2. In the main tab, click on “Consignados and FGTS”;
  3. Choose the “INSS Loan” option and wait for the offers to be consulted;
  4. Check the simulation and, if you agree, click on "Hire". If necessary, adjust the conditions, click on "Update" and then on "Hire";
  5. Read the terms of service, confirm the proposal, and send it for review.  

One of the largest digital banks in the country by the number of clients, PagBank offers tools for in-person and online sales, a complete digital account for individuals and businesses, as well as features that contribute to financial management, such as Payroll. At PagBank, the credit card has a guaranteed limit, and investments become a limit for the card itself, enhancing customers' earnings*, in addition to generating up to 3% cashback on the bill, one of the highest in the market. At PagBank, those with active and inactive balances in the FGTS can request an advance directly through the PagBank app. To learn more about PagBank products,Click here.  

For more details on how to apply for the INSS loan,Click here

How to protect brand credibility and digital reputation in the face of Meta's controversies and new policies?

Silvana Pinero Nogueira
-
0
How to protect brand credibility and digital reputation in the face of Meta's controversies and new policies?

The decision announced by Meta to end its fact-checking program in the United States is not just an internal matter for the big tech with limited effects to its home country — its ripple effect directly impacts companies worldwide, especially in Brazil, one of the most connected markets. For Brazilian brands, this means navigating a more risky digital environment, where reputation is at stake. How to protect your image and credibility to maintain a trustworthy and solid online presence?

It is important to analyze the Brazilian context. In light of the speech by its co-founder and CEO, Mark Zuckerberg, signaling a new direction for Instagram, WhatsApp, and Facebook, the Office of the Attorney General of Brazil (AGU) issued an extrajudicial notice to the company, demanding explanations on how it will ensure compliance with Brazilian laws and regulations against defamation, discrimination, misinformation, and hate speech after the end of the fact-checking program.

In response, Meta stated that the announced changes will initially be limited to the US, and reaffirmed its commitment to removing violent or misleading content and addressing clear risks. The AGU, however, expressed "serious concern" about the changes, which could facilitate legal violations, as well as open space for misinformation and prejudice, leading to the convening of a public hearing to discuss the issue.

With or without practicesfact checkingThe truth is that fake news has been spreading in large volume and at an accelerated pace among our population for some time. Almost 90% of Brazilians have come into contact with false content, and 51% admit to having believed in it. This is what a survey by the Locomotiva Institute reveals. Brazil is one of Meta's most important markets. To give perspective, WhatsApp is the most used network in the country, with 147 million users, according to Digital Brazil 2024, a report developed by DataReportal. Next are YouTube (144 million), Instagram (134.6 million), and Facebook (111.3 million). In this context, fake news not only affect society but can also directly impact the brands present on the platforms. The lack of verification can increase the risk of attacks and the spread of false information related to companies.

But how to avoid this movement?

Continuous monitoring is the first line of defense for companies. This includes tracking brand mentions, comments on posts, and even user-generated content that could harm your image. Artificial intelligence tools play a fundamental role in this process, as does the expertise of specialized professionals, since they allow for quick identification and response to potential threats. Speed is necessary: false news is 70 times more likely to go viral than true information, as pointed out by a study from researchers at the Massachusetts Institute of Technology, meaning the problem requires an immediate response from brands.

It is necessary to invest in teams that can intensify this work, combining technology, analytical capacity and human sensitivity to increase the effectiveness of responses to crises and potential problems.

Another essential point is transparent communication. Companies must ensure that all information disclosed on their networks complies with laws such as the General Data Protection Law (LGPD) and regulations against slander and defamation. Clear, truthful messages backed by concrete actions reinforce public trust and demonstrate the brand's commitment to ethics.

Respect for good compliance practices is equally important. This includes conducting a rigorous curation of the content published on your channels, prioritizing information that is relevant and accurate.

Over-reliance on a single platform can expose brands to unnecessary risks. Therefore, diversifying digital presence is a key strategy. Networks like LinkedIn, TikTok, and YouTube offer valuable alternatives to Meta to reach different audiences and minimize the impact of policy changes by a single company. Reinforcement, it's not about abandoning important connection territories with the audience like Instagram, but about dispersing your presence.

Each channel must be exploited strategically. While LinkedIn is ideal for strengthening corporate and executive authority and credibility, TikTok can offer more dynamic and creative formats for engagement. YouTube is perfect for in-depth content with greater potential duration, keeping the audience engaged for longer.

Finally, prevention also involves internal education and a good crisis management structure. Companies should train their teams to handle digital crises, coach spokespersons, and establish clear protocols to respond to negative incidents on social media. This preparation helps mitigate damages and strengthens the organization's ability to protect its reputation.

Meta's new policies have the potential to change the evolution of social networks, requiring companies to adopt a proactive and strategic stance. With intensive monitoring, transparent communication, digital diversification, and internal education, it is possible not only to protect credibility but also to position oneself as a reference in an increasingly challenging digital environment.

Embedded finance and the fintechization of retail: keeping an eye on trends, the sector embarks on financial services and leaves banks behind

E-Commerce Update
-
0
Embedded finance and the fintechization of retail: keeping an eye on trends, the sector embarks on financial services and leaves banks behind

The fintech ecosystem is thriving in Brazil. According to the study "Fintech in Latin America and the Caribbean – a consolidated ecosystem with potential to contribute to regional financial inclusion," published in June of this year by IDB, Brazil is the country with the most platforms of this kind in Latin America, accounting for 24% of the total. Additionally, 21% of them are in the payments vertical; 19% in loans; and 13% in corporate financial management. Furthermore, the 2023 "Fintech Deep Dive" research by PwC indicates that only 6% of fintechs currently operate with an exclusive focus on B2C, offering solutions for the end consumer, which suggests a market potential ready to be explored.

Aware of this trend, some companies have already offered payment solutions to customers, combining technology with financial services: Vivo, through Vivo Pay, recently received authorization from the Central Bank to operate as a credit fintech – previously the service was called Vivo Money and included loan services; Natura is gaining market share with Emana Pay, used to meet the financial and payment solutions needs of the group's consultants.

In this scenario where several companies and retailers have swallowed up banks, many sectors can offer financial solutions directly to customers, facilitating transactions and improving the purchasing journey with more personalization, in a movement calledembedded financewhen non-financial companies originally begin to offer such services. An estimate by Deloitte, a consulting, auditing, and management firm, showed that by 2026, embedded services are expected to generate R$24 billion in revenue, with a focus on the retail, consumer goods, and other service sectors, which account for more than 35% of GDP. With more and more companies and retail transforming into fintechs in thisboomof opportunities, payment solutions platforms can act as intermediaries between the company and the client by offering a complete structure for the payment service.embedded finance.

This is the case of RPE – Retail Payment Ecosystem, which has been working to consolidate embedded financial services in other segments outside traditional retail, covering various clients who wish to diversify their own revenue. Today, some of the clients already using the RPE – Retail Payment Ecosystem service are Grupo Pereira, a retailer operating in five states and the Federal District; MartMinas, a wholesale retail chain; Condor, a supermarket chain; Tenda Atacado, a self-service retail segment; Cassol; Lojas Torra, a fashion retail chain; and Avenida.

Pedro Albuquerque, co-founder and Director of New Business at RPE, comments that, overall, some companies are unaware that they can also benefit from this market. "There is a difference between"embeddingfinances in companies that are in retail and in companies from other sectors, but that are also retailers. It's easier for me to tell a supermarket that it can offer a card to its customer than for a cosmetics store, but both can and benefit from it," he analyzes. According to him, what the other sectors lack is a bit more maturity to understand the benefits of starting inembedded finance, knowing what investment is necessary and also how much more loyal the customer will actually be after contracting an embedded financial service.

Here at RPE, we focus on payment solutions for retailers across various segments. If the retailer has an e-commerce platform, they can use our tool to better understand the customer. With it, they can offer a more digitized shopping experience. Whether they are an e-commerce retailer or not, they can also offer pre-approved credit for a specific customer profile, which they identify through their own CRM tools combined with RPE's payment journey tools. For example, if the consumer clicks on a specific model of a blue shirt at a certain price, multiple pieces of information about their interest in the product are triggered. When they enter a physical store, pick up a product, remove it from the shelf, scan the product, and put it back on the shelf, they also generate various data about their shopping behavior, which can be collected and analyzed using the retailer's CRM tools. Among these distributed data points is payment behavior—how the customer behaves at the moment of payment. This is where RPE comes in, bringing technology and a seamless journey for the customer to make the purchase. So, what happens is the integration of the customer's CRM tools with RPE's payment journey tools. In this way, the purchase ensures the retailer greater engagement and a more loyal customer, boosting retail sales and generating profitability for the retailer," explains Pedro, noting that these data are still used very minimally by Brazilian retailers.

The specialist cites the credit card as another important tool for customer loyalty, which helps to understand their purchasing behavior and deliver the best possible solution for their needs. "Purchasing with a card is another piece of information that the retailer can use to understand how to offer a more targeted deal to what the consumer needs, utilizing data intelligence behind it. If the retailer does not have their own card, they lack that information, so having their own financial service ensures more autonomy and is another way to generate profitability for the business," reiterates the specialist, ensuring that offering their own financial services is a scalable opportunity.

"The first step the retailer can take is to understand the business model and offer their own card. From there, later on, they can offer a cardless journey, transacting with biometrics, for example, bringing more security and digitization to the process," complements Pedro.

“RPE solutions are hosted on serverscloud, ensuring scalability and security on festive dates, such as Black Friday and Christmas, when the volume of transactions grows exponentially and retailers cannot lose performance and quality, especially in shopping and payment journeys, so that the retailer can continue to serve customers as expected”, he concludes.

Vidmob brings key trends and insights for brands to engage on LinkedIn

E-Commerce Update
-
0
Vidmob brings key trends and insights for brands to engage on LinkedIn

LinkedIn, the world's largest professional network, continues to evolve the way Brazilians present their careers and connect to opportunities. With over 65 million users in Brazil, the country stands out as one of the largest markets for the platform, ranking only behind the United States and India. In this scenario, marketing professionals dedicate themselves to better understanding the creative trends that drive campaign performance within the network.

Developed to provide marketing professionals with essential creative insights that maximize resonance and engagement with the platform's professional audience, Vidmob, a leading global platform in AI-based creative performance and LinkedIn's marketing partner since 2018, conducted an extensive study within the platform and now presents its key findings. The Creative Trends Report with LinkedIn analyzed data from over 13,600 creative assets, which generated more than 2.9 billion impressions for 10 parent brands and 111 global sub-brands. The analysis focused on paid video formats and static content, providing relevant insights.

The report combines Vidmob's unique creative data with insights from the LinkedIn platform, providing a comprehensive view of what truly drives performance for B2B marketers. "The discoveries are as intriguing as they are unexpected, highlighting the fundamental role of data-driven creativity in understanding audience preferences and optimizing campaigns. By leveraging these insights, brands can refine their strategies to better connect with the LinkedIn professional community and achieve more significant results," says Miguel Caeiro, Head of Latam at Vidmob.

Below are the main findings from the study to help brands boost results in campaign promotion on the network. Check below

  • AI in advertising – turning conversation into tangible impactAI messages emphasizing efficiency and future readiness resulted in a +197% and +748% increase in conversion rates. Generic mentions of AI generally fail in campaigns, leading to a 46% decline in VTR, which is the percentage of viewers who watched at least 25% of a video ad.
  • Emotional authenticity drives engagement:Authentic storytelling is essential. Creatives that showcase genuine emotions, such as determination and frustration, experienced an increase of up to 59% in video completion rates, surpassing corporate-style messages.
  • Use bold colors:High contrast colors led to a 68% increase in video completion rates and a 41% increase in engagement for static assets.
  • Show a relatable work environment: static creatives with multiple people or that emphasize community experiences resulted in a 14% increase in engagement rates. Additionally, casual and relatable visuals — such as employees in everyday scenarios — performed well. Clothing such as sneakers resulted in a +37% increase in VTR25% and jewelry, a +53% increase in VTR25%.

“LinkedIn has moved away from the idea of being just a platform for professionals looking to relocate in the job market. The network has become established and is now seen as a strategic channel, allowing brands to connect directly with their target audience, promoting engagement and maximizing return on investment,” says Caeiro.

Planning and networking should be on the radar of entrepreneurs who want to expand their activities in 2025

E-Commerce Update
-
0
Planning and networking should be on the radar of entrepreneurs who want to expand their activities in 2025

Small and medium-sized enterprises face the constant challenge of growing and standing out amidst rapid transformations and high market competitiveness. According to a Sebrae study, half of the businesses close before reaching five years, with lack of planning being one of the main reasons for this rate.

With this in mind, strategic planning and networking are essential tools for SMEs. This is because, in addition to being able to increase revenue and build solid businesses, building a strong network of contacts can help overcome barriers, especially for companies with limited resources.

SecondSamuel Modesto, accountant graduated from FACAPE, tax specialist from FJN-CE and author of the book “Beyond the NumbersThe definition of strategies is essential for SMEs to achieve their goals. "When you work with clear goals and a plan aligned with market needs, you can better utilize your resources, reduce expenses, and identify opportunities that drive revenue," he explains.

How to define strategies and expand professional contacts

Strategic planning is not just a tool for short-term growth, but also for building solid and resilient businesses over time. Modesto also emphasizes the importance of networking as a strategic advantage for entrepreneurs. "Sharing experiences and building connections help open doors, generate partnerships, and even access markets that, on their own, would not be possible to reach," he states.

For companies looking to boost their results, the first step is to map clear objectives and set priorities. Modesto suggests dividing goals into short, medium, and long term, establishing performance indicators to measure progress. "An efficient plan must be constantly reviewed. It is essential to adjust strategies as the market changes and new opportunities arise," he warns.

Regarding networking, the tip is to start by participating in industry-specific events. Prepare beforehand: bring business cards, get to know the participants in advance, and have a clear pitch about what your company offers. "Efficient networking is not just about exchanging contacts, but building value-based relationships rooted in trust and mutual collaboration," reinforces Modesto.

“Business Connection”: event creates bridges to business success

During the “Business Connection” event, which takes place in Petrolina (PE) on January 27, Modesto, with the participation of six other experts from the São Francisco Valley, will conduct an in-depth immersion on how to strategically plan to increase revenue and achieve the long-awaited financial stability.

Furthermore, the training offers the opportunity to utilize networking in a practical way. "Our goal is to provide tools that entrepreneurs and small business owners can apply immediately, optimizing processes, exploring new opportunities, and building professional relationships that add value to their businesses," says the mentor.

Six tips to avoid scams when selling online

E-Commerce Update
-
0
Six tips to avoid scams when selling online

Brazilian e-commerce is expected to generate more than 234.9 million reais in 2025, according to ABComm, representing a 15% increase compared to last year. The growth of sales in the digital environment also attracts the attention of cybercriminals, who improve their practices against retailers and consumers in order to steal and hijack data, take down online stores, or commit fraud through fake emails, messages, and websites.

In addition to the negative impact on the consumer, an attacked or cloned online store can cause financial losses and damage to the brand's reputation. Faced with the possibility of scams, specialist Eduardo Gonçales, CISO of TIVIT, a Brazilian multinational that connects technology for a better world, lists some precautions for retailers to sell without headaches:

Ensure availability- The stability of the site is essential for the operation to function fully even during periods of increased traffic, thus preventing the store from losing sales due to technical issues. In addition to investing in technological infrastructure and security solutions, it is essential to protect against so-called denial-of-service (DDoS) attacks, which aim to direct a volume of simultaneous accesses far above normal to a specific address until it becomes congested and unavailable.

Explore a web –Include routines in your processesthreat intelligence, or brand monitoring, in order to research mentions about the company and its executives in forums in the different layers of the internet, includingdark webanddeep web, where all types of attacks are ordered and planned. With this type of scanning, it is possible to detect plans to redirect your website traffic to fake pages on the internet or social media, thus preventing unauthorized or fraudulent sales of products bearing your brand.

Raise awareness among employees to protect their data –Market research indicates that the main entry points formalwareused in attacksphishingand ofransomware, who encrypt the data in exchange for a ransom amount, are the employees themselves. Most of the time, due to lack of knowledge, there is negligence when handling suspicious emails, connecting USB devices, accessing compromised websites, or using software with vulnerabilities. With remote work, the use of personal devices connected to the corporate network also increased. In addition to technology and processes, awareness among people is one of the essential pillars to ensure data security and avoid operational paralysis.

Perform backup and validate its integrity- In order to minimize the risks of service interruption and ensure that data can be recovered quickly and easily, it is very important to have a consistent backup system, periodically tested to validate its content and integrity, since many attacks start by compromising the backup and then impact the production environment. Furthermore, it is essential to have documentation with the catalog of all servers and ensure the order of data recovery in the event of a disaster, reducing data recovery time.

Validate your code repositories– A massive infection campaign in e-commerce stores is underway under the name ofHubberstore, the attack occurs through malicious JavaScript code used for extracting personal data and credit card information.

The recommendations in this case are as follows:

  1. Keep systems up to date, including operating systems, services, andframeworksused on the websites.
  2. Periodically review the codes in your repository and production environment, seeking to identify possible injections of malicious artifacts.
  3. Follow secure development best practices, a good reference is OWASP.
  4. Analysislogsand audit trails, preferably using a correlation system oflogs(SIEM), with the aim of identifying attempts to exploit vulnerabilities.
  5. Implement a multi-factor security (MFA) solution at key entry points and in your main code development environments, such as repositories and CI/CD (continuous integration and delivery) solutions.

Control and limit access to information- Ensure that users have the minimum privileges and restrict access to those who truly need it, ensuring their periodic review and recertification. The implementation of segmentation in the network minimizes the risk of an attack spreading quickly and uncontrollably, preventing significant impact and financial loss, and finally, use a password vault solution to enhance security for privileged access.

AI-generated scam will be cybersecurity challenge in 2025

Ramon Ribeiro
-
0
AI-generated scam will be cybersecurity challenge in 2025

In recent years, cybersecurity has become an increasingly relevant topic for organizations, especially in light of the significant rise in cyberattacks. This year, the challenge will be even more complex, with the use of Artificial Intelligence on various fronts by criminals – as well as the increasing complexity of digital systems and the sophistication of techniques employed by cybercriminals.

Defensive strategies will need to evolve to address new challenges, such as the significant increase in valid credential exfiltration and the exploitation of misconfigurations in cloud environments. Within this perspective, we list the main threats that will keep CISOs awake in 2025:

Valid credentials will be the main target

The 2024 IBM Threat Intelligence Index reported a 71% increase in attacks targeting the exfiltration of valid credentials. In the service sector, at least 46% of incidents occurred with valid accounts, while in the industry this number was 31%.

For the first time in 2024, the exploitation of valid accounts became the most common entry point in the system, accounting for 30% of all incidents. This shows that it is easier for cybercriminals to steal credentials than to exploit vulnerabilities or rely solely on phishing attacks.

Cloud misconfiguration is an Achilles heel for businesses

With so many companies using the cloud environment, it is natural that the complexity of managing the environment will only increase, as well as the challenges—and the difficulty in obtaining specialized labor.Some of the most common reasons for data breaches in the cloud are related to misconfigurations of cloud environments: missing access controls, unprotected storage buckets, or inefficient implementation of security policies.

The benefits of cloud computing need to be balanced with close monitoring and secure configurations to prevent exposure of sensitive data. This requires a cloud security strategy for the entire organization: continuous auditing, proper identity and access management, and automation of tools and processes to detect misconfigurations before they become security incidents.

Criminals will use multiple attack techniques

The days when attacks targeted a single product or vulnerability are gone. This year, one of the most alarming trends in cybersecurity will be the increasing use of multivector attacks and multi-stage approaches.

Cybercriminals use a combination of tactics, techniques, and procedures (TTPs), targeting multiple areas simultaneously to breach defenses. There will also be an increase in the sophistication and evasion of web-based attacks, file-based attacks, DNS-based attacks, and ransomware attacks, making it more difficult for traditional and isolated security tools to effectively defend against modern threats.

AI-generated ransomware will increase threats exponentially

In 2024, the ransomware landscape underwent a profound transformation, characterized by increasingly sophisticated and aggressive cyber extortion strategies. The criminals have evolved beyond traditional cryptography-based attacks, pioneering double and triple extortion techniques that exponentially increase pressure on targeted organizations. These advanced approaches involve not only encrypting data but also strategically exfiltrating confidential information and threatening its public disclosure, forcing victims to consider ransom payments to avoid potential legal and reputational damage.

The emergence of Ransomware-as-a-Service (RaaS) platforms has democratized cybercrime, allowing less technically skilled criminals to launch complex attacks with minimal knowledge. Critically, these attacks are increasingly targeting high-value sectors such as healthcare, critical infrastructure, and financial services, demonstrating a strategic approach to maximize potential ransom returns.

Technological innovation further amplifies these threats. Cybercriminals are now leveraging AI to automate campaign creation, identify system vulnerabilities more efficiently, and optimize ransomware delivery. The integration of high-performance blockchain technologies and the exploration of decentralized finance (DeFi) platforms provide additional mechanisms for rapid fund movement and transaction obfuscation, posing significant challenges for authorities' tracking and intervention.

AI-generated phishing attacks will be a problem

The use of generative AI in creating phishing attacks by cybercriminals is making phishing emails virtually indistinguishable from legitimate messages. Last year, according to information from Palo Alto Networks, there was a 30% increase in successful phishing attempts when emails are written or rewritten by generative AI systems. Humans will become even less reliable as a last line of defense, and companies will rely on advanced AI-powered security protections to defend against these sophisticated attacks.

Quantum computing will pose a security challenge

Last October, Chinese researchers claimed to have used a quantum computer to break RSA encryption – an asymmetric encryption method widely used today. The scientists used a 50-bit key – which is small compared to the more modern encryption keys, usually ranging from 1024 to 2048 bits.

In theory, a quantum computer can take only a few seconds to solve a problem that conventional computers would take millions of years, because quantum machines can process calculations in parallel, not just sequentially, as they do currently. Although quantum-based attacks are still years away, organizations should start preparing now. It is necessary to transition to cryptographic methods that can resist quantum decryption to protect the most valuable data.

1...244245246...526Página 245 de 526

LATEST ARTICLES

POPULAR TOPICS

POPULAR CATEGORIES

ABOUT US

E-Commerce Update is a leading company in the Brazilian market, specialized in producing and disseminating high-quality content about the e-commerce sector.

Contact contato@ecommerceupdate.com.br

© E-Commerce Update 2024 - All rights reserved.

[elfsight_cookie_consent id="1"]